Deterministic builds under Windows

Question

The ultimate goal is comparing 2 binaries built from exact same source in exact same environment and being able to tell that they indeed are functionally equivalent.

<

Answer 1

Standardise Build Paths

A simple solution would be to standardise on your build paths, so they are always of the form, for example:

c:\buildXXXX

Then, when you compare, say, build0434 to build0398, just preprocess the binary to change all occurrences of build0434 to build0398. Choose a pattern you know is unlikely to show up in your actual source/data, except in those strings the compiler/linker embed into the PE.

Then you can just do your normal difference analysis. By using the same length pathnames, you won't shift any data around and cause false positives.

Dumpbin utility

Another tip is to use dumpbin.exe (ships with MSVC). Use dumpbin /all to dump all details of a binary to a text/hex dump. This can make it more obvious to see what/where is changing.

For example:

dumpbin /all program1.exe > program1.txt
dumpbin /all program2.exe > program2.txt
windiff program1.txt program2.txt

Or use your favourite text diffing tool, instead of Windiff.

Bindiff utility

You may find Microsoft's bindiff.exe tool useful, which can be obtained here:

Windows XP Service Pack 2 Support Tools

It has a /v option, to instruct it to ignore certain binary fields, such as timestamps, checksums, etc.:

"BinDiff uses a special compare routine for Win32 executable files that masks out various build time stamp fields in both files when performing the compare. This allows two executable files to be marked as "Near Identical" when the files are truely identical, except for the time they were built."

However, it sounds like you may be already doing a superset of what bindiff.exe does.